Computer or microchip with a secure system bios having a separate private network connection to a separate private network
IPC classification information
Country / Type
United States (US) Patent
Registered
International Patent Classification (IPC, 7th edition)
G06F-015/173
G06F-013/40
H04L-029/06
G06F-011/20
G06F-021/71
G06F-021/50
G06F-021/85
G06F-017/00
Application number
US-0334283
(2014-07-17)
Registration number
US-9003510
(2015-04-07)
Inventor / Address
Ellis, Frampton E.
Applicant / Address
Ellis, Frampton E.
Agent / Address
Mendelsohn, Drucker & Dunleavy, P.C.
Citation information
Times cited: 1
Cited patents: 199
Abstract
A computer or microchip including a network connection for connection to a public network of computers including the Internet, the network connection being located in a public unit; and an additional and separate network connection for connection to a separate, private network of computers, the additional network connection being located in a protected private unit. An inner hardware-based access barrier or firewall is located between and communicatively connects the protected private unit and the public unit; and the private and public units and the two separate network connections are separated by the inner barrier or firewall. The protected private unit includes at least a first microprocessor and a system BIOS located in flash memory. The public unit includes at least a second or many microprocessors separate from the inner barrier or firewall. The inner barrier or firewall comprises a bus with an on/off switch controlling communication input and output.
Representative claims
1. A computer or microchip comprising: at least one network connection for connection to at least a public network of computers, said at least one network connection being located in at least one public unit of said computer or microchip, at least one additional and separate network connection for connection to at least a separate, private network of computers, said at least one additional and separate network connection being located in at least one protected private unit of said computer or microchip, and at least one inner hardware-based access barrier or inner hardware-based firewall that is located between and communicatively connects said at least one protected private unit of said computer or microchip and said at least one public unit of said computer; or microchip wherein said private and public units and said two separate network connections are separated by said at least one inner hardware-based access barrier or inner hardware-based firewall; and said at least one protected private unit of the computer or microchip includes at least a first microprocessor and a system BIOS of the computer or microchip located in flash or other non-volatile memory; said at least one public unit of the computer or microchip includes at least a second microprocessor, and said second microprocessor is separate from said at least one inner hardware-based access barrier or inner hardware-based firewall.
2. The computer or microchip of claim 1, wherein the at least one inner hardware-based access barrier or firewall comprises at least one bus with an on/off switch controlling communication input and output.
3. The computer or microchip of claim 1, wherein said at least one protected private unit of the computer or microchip includes a central controller of the computer or microchip, including a master controlling device or a master control unit.
4. The computer or microchip of claim 3, wherein said master controlling device comprises a microprocessor, core or processing unit configured for general purposes.
5. The computer or microchip of claim 1, wherein said at least one protected private unit of the computer or microchip is not configured to connect to the Internet.
6. The computer or microchip of claim 1, wherein the computer or microchip is included in one of a personal computer, a smartphone, a tablet computer, a server, a cloud server array, a blade, a cluster, a supercomputer, a supercomputer array, and a game machine.
7. The computer or microchip of claim 1, wherein the at least one public unit of the computer or microchip includes at least 2 or 4 or 8 or 16 or 32 or 64 or 128 or 256 or 512 or 1024 microprocessors or processing units or cores.
8. The computer or microchip of claim 1, wherein said at least one additional and separate network connection is at least one wired connection to said at least one separate, private network of computers.
9. The computer or microchip of claim 1, wherein said at least one additional and separate network connection is at least one wireless connection to said at least one separate, private network of computers.
10. The computer or microchip of claim 1, wherein the computer or microchip is surrounded by a Faraday Cage.
11. The computer or microchip of claim 1, wherein the at least one inner hardware-based access barrier or inner hardware-based firewall comprises a bus with an on/off switch controlling communication input and output.
12. The computer or microchip of claim 1, wherein the at least one public unit of the computer or microchip includes at least a second microprocessor configured to operate as a general purpose microprocessor.
13. The computer or microchip of claim 1, wherein the computer or microchip is configured to operate as a general purpose computer or microchip.
14. A computer or microchip configured to be securely controlled through a private network of computers, said computer or microchip comprising: at least a secure private unit of said computer or microchip that is protected by at least one inner hardware-based access barrier or firewall; an unprotected public unit of said computer or microchip, said unprotected public unit including at least one network connection for a public network of computers; at least a separate private network connection for at least said private network of computers, at least said separate private network connection for said private network of computers being located in at least said secure private unit of said computer or microchip; at least one microprocessor, core or processing unit configured for general purposes is located in said unprotected public unit, wherein said at least one microprocessor, core or processing unit is separate from said at least one inner hardware-based access barrier or firewall; at least a central controller of the computer or microchip, including a master controlling device or a master control unit and being located in said secure private unit; a system BIOS of the computer or microchip located in flash or other non-volatile memory which is located in said secure private unit; and a secure control bus configured to connect at least said master controlling device with at least said microprocessor, core or processing unit located in said unprotected public unit, said secure control bus being isolated from input from said network and input from components of said unprotected public unit; and said master controlling device being configured for securely controlling at least one operation executed by at least one said microprocessor, core or processing unit in said unprotected public unit, said secure control being provided by said master controlling device in said secure private unit through said private network of computers to said additional and separate private network connection in said secure private unit and via said secure control bus.
15. The computer or microchip of claim 14, wherein the inner hardware-based access barrier or firewall comprises at least one bus with an on/off switch controlling communication input and output.
16. The computer or microchip of claim 15, wherein said secure control bus provides and ensures direct preemptive control by said master controlling device over said unprotected public unit.
17. The computer or microchip of claim 14, wherein said master controlling device comprises a microprocessor, core or processing unit configured for general purposes.
18. The computer or microchip of claim 17, wherein said master controlling device comprises a non-volatile memory.
19. The computer or microchip of claim 14, wherein said secure control bus is configured such that it cannot be affected, interfered with, altered, read from or written to, or superseded by any part of said unprotected public unit or by input from said network.
20. The computer or microchip of claim 19, wherein said one or more secondary controllers are used to control one or more of said at least one microprocessor, core or processing unit located in said unprotected public unit.
21. The computer or microchip of claim 20, wherein said one or more secondary controllers are integrated with one or more of said at least one microprocessor, core or processing unit located in said unprotected public unit.
22. The computer or microchip of claim 14, wherein said secure control bus is configured such that it can be used by said master controlling device to control one or more secondary controllers located on said secure control bus.
23. The computer or microchip of claim 22, wherein said one or more secondary controllers are located in the unprotected public unit.
24. The computer or microchip of claim 14, wherein said secure control bus is wired, wireless or a channel.
25. The computer or microchip of claim 14, wherein said secure control bus is configured to provide a connection to control at least a second firewall located on the periphery of said computer or microchip.
26. The computer or microchip of claim 14, wherein the inner hardware-based access barrier or inner hardware-based firewall comprises a bus with an on/off switch controlling communication input and output.
27. A computer or microchip configured to be securely controlled, said computer or microchip comprising: at least one microprocessor, core or processing unit being configured for general purposes and having a connection for a network of computers; at least a master controlling device for the computer or microchip; and a system BIOS of the computer or microchip located in flash or other non-volatile memory which is located in a portion of the computer or microchip protected by an inner hardware-based access barrier or firewall; and a secure control bus configured to connect at least said master controlling device with at least said at least one microprocessor, core or processing unit, and said secure control bus being isolated from input from said network and input from components of said computer or microchip other than said master controlling device; and said master controlling device being configured for securely controlling at least one operation executed by at least one said microprocessor, core or processing unit, said secure control being provided by said master controlling device via said secure control bus.
28. The computer or microchip of claim 27, wherein the inner hardware-based access barrier or firewall comprises a bus with an on/off switch controlling communication input and output.
29. The computer or microchip of claim 27, wherein said master controlling device comprises a microprocessor, core or processing unit configured for general purposes.
30. The computer or microchip of claim 27, wherein said master controlling device comprises a non-volatile memory.
31. The computer or microchip of claim 27, wherein said secure control bus provides and ensures direct preemptive control by said master controlling device over said at least one microprocessor, core or processing unit.
32. The computer or microchip of claim 27, wherein said secure control bus is configured such that it cannot be affected, interfered with, altered, read from or written to, or superseded by any part of said unprotected public unit or by input from said network.
33. The computer or microchip of claim 27, wherein said secure control bus is configured such that it can be used by said master controlling device to control one or more secondary controllers located on said secure control bus.
34. The computer or microchip of claim 27, wherein said secure control bus is wired, wireless or a channel.
35. The computer or microchip of claim 27, wherein said secure control bus provides a connection to control a firewall located on the periphery of said computer or microchip.
Patents cited by this patent (199)
Nielsen Keith E. (Redondo Beach CA), Active energy control for diode pumped laser systems using pulsewidth modulation.
Benkeser Donald E. (Naperville IL) Cyr Joseph B. (Aurora IL) Greenberg Albert G. (Millburn NJ) Wright Paul E. (Basking Ridge NJ), Adaptive job scheduling for multiprocessing systems with master and slave processors executing tasks with opposite antic.
Bonneau ; Jr. Walt C. (Missouri City TX) Guttag Karl (Missouri City TX) Gove Robert (Dallas TX), Architecture of a chip having multiple processors and multiple memories.
Russell David S. (Minneapolis MN) Fischer Larry G. (Waseca MN) Wala Philip M. (Waseca MN) Ratliff Charles R. (Crystal Lake IL) Brennan Jeffrey (Waseca MN), Cellular communications system with centralized base stations and distributed antenna units.
Naedel Richard G. (Rockville MD) Harris David B. (Columbia MD) Uehling Mark (Bowie MD), Chassis and personal computer for severe environment embedded applications.
Berkowitz David B. (Palo Alto CA) Hao Ming C. (Los Altos CA) Lieu Hung C. (Santa Clara CA) Snow Franklin D. (Saratoga CA), Collaborative computing system using pseudo server process to allow input from different server processes individually a.
Sumimoto Shinji (Kawasaki JPX), Computer resource distributing method and system for distributing a multiplicity of processes to a plurality of computer.
Lindman Richard S. (3708 17th Ave. South Minneapolis MN 55407) Lindman Richard P. (7625 18th Ave. South Richfield MN 55423) Myers Edward D. (4440 Denton Way Inver Grove Heights MN 55075), Computer security system.
Passera Anthony ; Thorp John R. ; Beckerle Michael J. ; Zyszkowski Edward S. A., Computer system and computerized method for partitioning data for parallel processing.
Jones Oliver (Andover MA) Deshon Mary (Winthrop MA) Ericsson Staffan (Brookline MA) Flach James (Cave Creek AZ), Computer teleconferencing method and apparatus.
Ellis, III, Frampton E., Computers and microchips with a faraday cage, a side protected by an internal hardware firewall and an unprotected side connected to the internet for network operations, and with internal hardware compartments.
Ellis, III, Frampton E., Computers or microchips with a hardware side protected by a primary internal hardware firewall and an unprotected hardware side connected to a network, and with multiple internal hardware compartments protected by multiple secondary inner hardware firewalls.
Glick James A. (Granite Shoals TX) Graczyk Ronald B. (Round Rock TX) Nurick Albert F. (Austin TX) Fraley Brittain D. (Austin TX), Computing and multimedia entertainment system.
Leung Wing Y. (Cupertino CA) Hsu Fu-Chieh (Saratoga CA), Defect tolerant integrated circuit subsystem for communication between a module and a bus controller in a wafer-scale in.
Morley Richard E. (Greenville NH), Digital computer with multi-processor capability utilizing intelligent composite memory and input/output modules and met.
Bruckert William F. (Northboro MA) Bissett Thomas D. (Derry NH) Riegelhaupt Norbert H. (Framingham MA), Dual-rail processor with error checking at single rail interfaces.
Rosenberry Steven (Reading PA), Dynamic fault-tolerant parallel processing system for performing an application function with increased efficiency using.
Pian Chao-Kuang (Anaheim CA) Habereder Hans L. (Orange CA), Dynamic task allocation in a multi-processor system employing distributed control processors and distributed arithmetic.
Pezeshki Bardia (Huntington Beach CA) Harris ; Jr. James S. (Stanford CA), Electrostatically tunable optical device and optical interconnect for processors.
Wilkinson Paul Amba ; Dieffenderfer James Warren ; Kogge Peter Michael ; Schoonover Nicholas Jerome, Fully scalable parallel processing system having asynchronous SIMD processing.
Nguyen Tam M. (Valhalla NY) Rana Deepak (Yorktown Heights NY) Ruiz Antonio (Yorktown Heights NY) Willner Barry E. (Briarcliff Manor NY), Hybrid digital/analog multimedia hub with dynamically allocated/released channels for video processing and distribution.
Fucito Michele (Meta ITX) Recchia Maruo (Rome ITX) Puglia Silvestro (Pomezia ITX) Mariani Claudio (Rome ITX) Colangeli Giulio (Gerenzano di Roma ITX) Rotunno Antonio (Salerno ITX), Interface unit for dynamically configuring a buffer in different modes to store data transfers based upon different conn.
Guy Charles B. (Hillsboro OR) Cadambi Sudarshan B. (Beaverton OR) Gutmann Michael J. (Portland OR) Bhasker Narjala (Portland OR) Trethewey Jim R. (Beaverton OR) McArdle Brian J. (Beaverton OR), Interrupt distribution scheme for a computer bus.
Wade Jon P. ; Cassiday Daniel R. ; Lordi Robert D. ; Steele ; Jr. Guy Lewis ; St. Pierre Margaret A. ; Wong-Chan Monica C. ; Abuhamdeh Zahi S. ; Douglas David C. ; Ganmukhi Mahesh N. ; Hill Jeffrey V, Massively parallel computer including auxiliary vector processor.
Kessler Richard E. ; Oberlin Steven M. ; Scott Steven L., Massively parallel processing system using two data paths: one connecting router circuit to the interconnect network an.
Bruckert William (Northboro MA) Kovalcin David (Grafton MA) Bissett Thomas D. (Derry NH) Munzer John (Brookline MA) Mazur Dennis (Worcester MA) Mott ; Jr. Peter R. (Worcester MA) Dearth Glenn A. (Hud, Method and apparatus for controlling initiation of bootstrap loading of an operating system in a computer system having.
Ault Donald Fred ; Bender Ernest Scott ; Spiegel Michael Gary, Method and apparatus for creating a security environment for a user task in a client/server system.
Anderson Mark Stephen,AUX ; Griffin John Edmund,AUX ; North Christopher James Guildford,AUX ; Yesberg John Desborough,AUX ; Yiu Kenneth Kwok-Hei,AUX ; Milner Robert Brunyee,AUX, Method and means for interconnecting different security level networks.
Kisor Greg, Method and system including a central computer that assigns tasks to idle workstations using availability schedules and computational capabilities.
Farnworth Warren M. (Boise ID) Duesman Kevin (Boise ID) Heitzeberg Ed (Boise ID), Method for fabricating wafer-scale integration wafers and method for utilizing defective wafer-scale integration wafers.
Rausch Dieter (Karlsruhe DEX), Method for preventing an overload when starting a multicomputer system and multicomputer system for carrying out said me.
Shorter David U. (Lewisville TX), Method for scheduling execution of distributed application programs at preset times in an SNA LU 6.2 network environment.
Harris Jonathan P. (Littleton MA) Leibholz Daniel (Watertown MA) Miller Brad (Westborough MA), Method of dynamically allocating processors in a massively parallel processing system.
Ellis, Frampton E., Method of securely controlling through one or more separate private networks an internet-connected computer having one or more hardware-based inner firewalls or access barriers.
Ellis, Frampton E., Methods of securely controlling through one or more separate private networks an internet-connected computer having one or more hardware-based inner firewalls or access barriers.
Hu Ming K. (Syracuse NY) Jia Yau G. (Nanjing ; Jiangsu CNX), Microprogram-coupled multiple-microprocessor module with 32-bit byte width formed of 8-bit byte width microprocessors.
Barker Thomas Norman ; Collins Clive Allan ; Dapp Michael Charles ; Dieffenderfer James Warren ; Knowles Billy Jack ; Rolfe David Bruce, N-dimensional modified hypercube.
Hodge Winston W. (Yorba Linda CA) Taylor Lawrence E. (Anaheim CA), Near-video-on-demand digital video distribution system utilizing asymmetric digital subscriber lines.
Georgiou,Christos J.; Gregurick,Victor L.; Nair,Indira; Salapura,Valentina, Network processor system on chip with bridge coupling protocol converting multiprocessor macro core local bus to peripheral interfaces coupled system bus.
Hinsley Christopher Andrew,GBX, Operating system for use with computer networks incorporating one or more data processors linked together for parallel p.
Chin Danny (Robbinsville NJ) Sauer Donald J. (Allentown NJ) Meyerhofer Dietrich (Princeton NJ) Katsuki Kazuo (Hyogo JPX), Parallel digital processing system using optical interconnection between control sections and data processing sections.
Beatty Harry J. (Clinton Corners NY) Elmendorf Peter C. (Kingston NY) Gillis Roland R. (Ulster Park NY) Pramanick Ira (Wappingers Falls NY), Parallel execution of a complex task partitioned into a plurality of entities.
Beatty Harry John ; Elmendorf Peter Claude ; Gillis Roland Roberto ; Pramanick Ira, Parallel execution of a complex task partitioned into a plurality of entities.
Policard, Claude M, Personal computer having a master computer system and an internet computer system and monitoring a condition of said master and internet computer systems.
Bahr James E. (Rochester MN) Corrigan Michael J. (Rochester MN) Knipfer Diane L. (Rochester MN) McMahon Lynn A. (Rochester MN) Metzger Charlotte B. (Elgin MN), Process for dispatching tasks among multiple information processors.
Nelson Darul J. ; Noval James V. ; Suarez Ricardo E. ; Aghazadeh Mostafa A., Processor card assembly including a heat sink attachment plate and an EMI/ESD shielding cage.
Gregerson Daniel P. ; Farrell David R. ; Gaitonde Sunil S. ; Ahuja Ratinder P. ; Ramakrishnan Krish ; Shafiq Muhammad ; Wallis Ian F., Scalable distributed computing environment.
Browne Hendrik A., Secure computer system and method of providing secure access to a computer system including a stand alone switch operable to inhibit data corruption on a storage device.
Ohta Hiroyuki,JPX ; Miura Hideo,JPX ; Usami Mitsuo,JPX ; Kametani Masatsugu,JPX ; Zen Munetoshi,JPX ; Okamoto Noriaki,JPX, Semiconductor device having plural chips with the sides of the chips in face-to-face contact with each other in the same.
Danahy John J. ; Kinney Daryl F. ; Pulsinelli Gary S. ; Rose Lawrence J. ; Kumar Navaneet, Service-centric monitoring system and method for monitoring of distributed services in a computing network.
Hoover Russell D. (Rochester MN) Willis John C. (Rochester MN) Baldus Donald F. (Mazeppa MN) Ziegler Frederick J. (Rochester MN) Liu Lishing (Pleasantville NY), System and method for empty notification from peer cache units to global storage control unit in a multiprocessor data p.
Teper Jeffrey A. ; Koneru Sudheer ; Mangione Gordon ; Balaz Rudolph ; Contorer Aaron M. ; Chao Lucy, System and method for providing trusted brokering services over a distributed network.
Chasek Norman E. (24 Briar Brae Rd. Stamford CT 06903), System for developing real time economic incentives to encourage efficient use of the resources of a regulated electric.
Leclercq Thierry (Paris FRX) Sallio Patrick (Thorigne-Fouillard FRX), System for management of the usage of data consultations in a telecommunication network.
Choquier Philippe,FRX ; Peyroux Jean-Francios ; Griffin William J., System for on-line service in which gateway computer uses service map which includes loading condition of servers broad.
Baehr Geoffrey G. ; Danielson William ; Lyon Thomas L. ; Mulligan Geoffrey ; Patterson Martin,FRX ; Scott Glenn C. ; Turbyfill Carolyn, System for packet filtering of data packets at a computer network interface.
Shwed Gil,ILX ; Kramer Shlomo,ILX ; Zuk Nir,ILX ; Dogon Gil,ILX ; Ben-Reuven Ehud,ILX, System for securing the flow of and selectively modifying packets in a computer network.
Padgaonkar Ajay J. (Phoenix AZ) Mitra Sumit K. (Tempe AZ), System for single cycle transfer of unmodified data to a next sequentially higher address in a semiconductor memory.
Kraft Reiner ; Lu Qi ; Wisebond Marat, Task distribution processing system and the method for subscribing computers to perform computing tasks during idle time.